When we specify an image name in the K8s manifest file, it has three parts:
registry/user-account/image-repository. If the registry is not specified, by default it is docker.io. If the user-account is not specified, by default it is library. Image repositories under the library user account are built with best practices and are maintained by a dedicated team.Using Private Container Registry in K8s
To use a container image from a private repository, create a secret object of type
docker-registry with the registry credentials. Use this secret as imagePullSecrets in the pod definition.kubectl create secret docker-registry regred \ --docker-server=private-registry.io --docker-username=registry-user \ --docker-password=registry-password \ --docker-email=registry-user@org.com
apiVersion: v1 kind: Pod metadata: name: webapp spec: containers: - name: nginx image: private-registry.io/apps/webapp imagePullSecrets: - name: regcred